Method and device for controlling the execution of at least one function in a short range wireless communication module of a mobile phone

ABSTRACT

A method and device for controlling the execution of at least one function in a short-range wireless communication module of a mobile apparatus adapted for receiving at least one identification card. After transmitting an information request to the identification card, to obtain at least one piece of information characteristic of the identification card, an answer including at least one piece of information characteristic of the identification card is received therefrom. When the answer is identified and in response to the at least one piece of information, the at least one function is executed. An authentication request is received by the short-range wireless communication module. If the answer is authenticated, the short-range wireless communication module sends an authorization to the authentication request in response to the at least one piece of information characteristic of the identification card before the execution of the at least one function.

The present invention concerns the field of controlling execution offunctions and more particularly mechanisms for authorizing andprohibiting execution of at least one function in a wireless near fieldcommunication module of a mobile apparatus according to an identifier ofthe mobile apparatus.

Whereas some services are offered without restrictions to possessors ofmobile apparatus, possibly subject to the reservation that the apparatushas certain particular technical characteristics for using thoseservices, there are numerous services that are accessible only to someusers or to some mobile apparatus, for example users who have enteredinto particular contracts or subscriptions.

By way of illustration, telephone operators often finance the purchaseof subscribers' mobile telephones subject to the subscriber signing acontract to remain a subscriber for a certain time. To prevent thiscontract being circumvented, mobile telephones are generally lockedduring the contract so that they can be used only on mobile telephonenetworks authorized by the telephone operator. This kind of mechanismcan be implemented by the provider of the subscriber card using, forexample, information contained in a SIM (Subscriber Identity Module)card conforming to a GSM or 3G standard. This is generally a softwarelocking method that is relatively easy for a fraudster to circumvent,the operating system of the telephone having little or no protection.

In a similar manner, US patent application 2006/0112275 describes ahardware lock (dongle) used in a method for controlling communicationbetween a SIM card, for example of the type used in a GSM telephone, anda computer, for example of the PC (Personal Computer) type. The SIM cardcan be authenticated by the telephone network in the same way as the SIMcard of a mobile telephone is authenticated by the telephone network,thus enabling authentication of the user of the computer. Suchauthentication can allow use of the computer for a limited time period,for example to use a particular application loaded into the computerafter authentication. The application can be loaded into the computer bya third party after and in response to authentication. Costs can becharged to the user by the communication network and passed on to thethird party. The hardware lock provides additional security means forthe authentication data stored in the SIM card by the use of a PIN(Personal Identification Number) code that must be entered and/or inresponse to requests from the computer, which requests are encrypted bymeans of a key and are generated by a particular interface of thecomputer.

Thus there exists a requirement to control access to some services froma device, preferably a mobile apparatus, according to certaincharacteristics of an identification card such as a SIM card.

The invention offers an alternative to authentication means providingaccess to certain services according to certain characteristics of anidentification card enabling new applications to make use of theblocking and unblocking principle.

The invention therefore consists in a method of controlling execution ofat least one function in a wireless near field communication module of amobile apparatus adapted to receive identification means, this methodcomprising the following steps:

-   -   transmission of an information request by said wireless near        field communication module to said identification means, said        information request aiming to at least one item of obtain at        least one item of information characteristic of said        identification means;    -   reception of a response to said information request from said        identification means, said response containing at least one item        of information characteristic of said identification means;    -   authentication of said response by said wireless near field        communication module; and    -   if said response is authenticated, execution of said at least        one function in response to said at least one item of        information characteristic of said identification means.

The method of the invention therefore authorizes or refuses execution offunctions in a wireless near field communication module according tocharacteristics of an identification card. In particular, authorizationor refusal of execution of a function can be linked to the operator thatissued the identification card.

In one particular embodiment, the method further comprises the followingsteps:

-   -   reception of an authentication request by said wireless near        field communication module; and    -   if said response is authenticated, before execution of said at        least one function, transmission by said wireless near field        communication module of an authorization to said authentication        request in response to said at least one item of information        characteristic of said identification means.

In this embodiment, the method of the invention authorizes or refusesexecution of functions in a wireless near field communication moduleaccording to characteristics of an identification card when thosefunctions are linked to an external device. This embodiment can be usedin particular to control access to services.

Again in one particular embodiment, the transmission of informationbetween said identification means and said wireless near fieldcommunication module is at least partially effected through amicroprocessor of said mobile apparatus, the method comprising thefollowing steps:

-   -   transmission of said information request to said microprocessor,        said microprocessor being adapted to transmit said information        request to said identification means; and/or    -   reception of said response from said microprocessor, said        microprocessor having received said response from said        identification means.

This embodiment uses the architecture of the mobile apparatus in whichthe invention is implemented whilst offering a high level of security.

Said response and/or said authorization is advantageously coded orsecured so that it can be authenticated, to avoid simulation of theresponse or the authorization by a fraudulent program.

Again in one particular embodiment, said coding or securing of saidresponse and/or said authorization is based on authenticationinformation stored locally in said identification means or in saidwireless near field communication module coding or securing saidresponse and/or said authorization to improve the security of themethod. Said authentication information can in particular be a privatecryptographic key.

Again in one particular embodiment, said coding or securing of saidresponse and/or said authorization is effected locally in saididentification means or in said wireless near field communicationmodule, coding or securing said response and/or said authorization onthe basis of authentication information stored locally in saididentification means or in said wireless near field communication modulecoding or securing said response and/or said authorization to improvethe security of the method.

To reduce the risk of fraud, said wireless near field communicationmodule is at least partially secure.

In one particular embodiment the function executed by said wireless nearfield communication module consists in updating data stored in saidwireless near field communication module. The method of the inventionthus prevents stored data being replaced fraudulently by other data.

The function executed by said wireless near field communication modulecan also consist in authorizing a wireless communication mode, to orfrom an external device, from said wireless near field communicationmodule to monitor communication.

The function executed by said wireless near field communication modulecan thus in particular also limit access to the services to certaintypes of operator or to certain types of contract.

In one particular embodiment, at least some communication between saididentification means and said wireless near field communication modulesis secure.

Again in one particular embodiment, said information request includes anindication relating to said at least one function for selectivelyauthorizing or prohibiting some functions.

The invention also consists in a computer program including instructionsadapted to execute each of the steps of the method described above.

The invention also consists in removable or non-removable informationstorage means partly or totally readable by a computer or amicroprocessor and containing code instructions of a computer programfor the execution of each of the steps of the method described above.

The invention further consists in a control device for the execution ofat least one function in wireless near field communication means of amobile apparatus adapted to receive identification means, this devicecomprising the following means:

-   -   means for transmitting at least one information request to said        identification means, said information request aiming to obtain        at least one item of information characteristic of said        identification means;    -   means for receiving a response to said information request from        said identification means, said response including at least one        item of information characteristic of said identification card;    -   means for authenticating said response; and    -   means for executing said at least one function in response to        said at least one item of information characteristic of said        identification card.

The device of the invention thus authorizes or refuses execution offunctions in a wireless near field communication module according tocharacteristics of an identification card. In particular, authorizationor refusal of execution of a function can be linked to the operator thatissued the identification card.

In one particular embodiment, said mobile apparatus comprises amicroprocessor separate from said authentication means and saidexecution means so that a security failing of said microprocessor doesnot affect the security of the device.

The device advantageously further comprises:

-   -   means for receiving at least one authentication request; and    -   means for transmitting an authorization to said authentication        request in response to said at least one item of information        characteristic of said identification card before the execution        of said at least one function.

In this embodiment the device of the invention authorizes or refusesexecution of functions in a wireless near field communication moduleaccording to the characteristics of an identification card if thefunctions are linked to an external device. This embodiment is used inparticular to control access to some services.

The device advantageously further includes coding or securing meansadapted to code or secure said authorization so that said authorizationcan be authenticated to avoid said authorization being simulated by afraudulent program.

In one particular embodiment, the device further includes storage meansfor storing authentication information used by said coding or securingmeans to code or secure said authorization in order to improve thesecurity of the device. Said storage means are advantageouslynon-volatile. Said storage means are advantageously adapted also tostore data for authenticating said response.

Again in one particular embodiment, the identification means consist ofan identification card of a subscriber to a mobile telephone networksuch as a SIM card commonly used in mobile telephone units.

Again in one particular embodiment, said wireless near fieldcommunication means conform to the ISO 14443 standard.

Again in one particular embodiment, said wireless near fieldcommunication means are integrated into said mobile apparatusnon-removably.

Other advantages, objects and features of the present invention emergefrom the following detailed description given by way of nonlimitingexample with reference to the appended drawings in which:

FIG. 1, comprising FIGS. 1a and 1b , shows one example of a microcircuitcard for wireless near field communication;

FIG. 2, comprising FIGS. 2a and 2b , shows for a mobile telephoneapplication one embodiment of the invention respectively using amicrocircuit card similar to that represented in the previous figure andan NFC module;

FIG. 3 shows one example of implementation of the invention in a mobiletelephone unit; and

FIG. 4 is a diagrammatic representation of one example of an algorithmimplementing the invention in the device shown in FIG. 3.

The invention more specifically concerns the use of mobile apparatussuch as mobile telephone units able to communicate via a global wirelesscommunication network such as a GMS or UMTS network or via a local areanetwork such as a WiFi network. The invention can also be implementedusing other mobile apparatus such as personal digital assistants (PDA).According to the invention, the mobile apparatus includes wireless nearfield communication means, for example with a range less than one meter,fifty centimeters or twenty centimeters, and an identification modulesuch as a wireless communication network identification module such as aSIM card.

The invention exploits new wireless near field communicationtechnologies that can be integrated into mobile apparatus. For example,the NFC (Near Field Communication) technology offers wireless near fieldcommunication means for identification, data exchange and paymentapplications. Generally operating at a frequency of 13.56 MHz andproviding a data transfer rate up to 424 kbit/s, the NFC technologyprovides simple and reliable communication of data between electronicdevices.

According to the invention, such wireless near field communication meansare provided with a controller with more restricted or more reliableaccess than the processor and the operating system of the mobiletelephone unit in which they are installed, which offer the possibilityof installing software or accessing the memory. This aspect is exploitedby the invention to provide a function for partially or totally blockingand unblocking wireless near field communication means that is moreresistant to attack, authorizing such means to communicate only in thepresence of a SIM card of a specific operator by authorizing orprohibiting execution of some functions in the communication meansand/or access to some of the services offered.

These wireless near field communication means can take the form of amicrocircuit card including an antenna within its body or remotelylocated. Such a card is removable. Alternatively, these wireless nearfield communication means can take the form of a module fixed to thebody of the telephone such as an integrated circuit mounted on a printedcircuit carrying the antenna or a module such as a circuit and anantenna embedded in plastic. Such a module is non-removable.

In a first embodiment, the wireless near field communication meanscomprise for example a substantially rigid body such as a plasticmaterial body, with a microcircuit, and a flexible film comprising anantenna connected to the microcircuit, and the antenna carried by thefilm can extend at least partially beyond the body. One example of anelectronic entity adapted to incorporate such a device concernsminicards, for example cards to the ID-000 format. They can be microchipcards, i.e. microcircuit cards conforming to the ISO 7816 standard, thethickness of which is approximately 0.76 mm, and include a securemicrocontroller.

They can equally be cards conforming to other formats, such as the MMC(MultiMedia Card), RS-MMC (Reduced-Size MultiMedia Card) or UICC(Universal Integrated Circuit Card) format.

The microcircuit card is preferably adapted to communicate according tothe ISO 14443 standard at a frequency of approximately 13.56 MHz.

FIG. 1, comprising FIGS. 1a and 1b , shows an example of a microcircuitcard for wireless near field communication means. FIG. 1a is a top viewof the microcircuit card while FIG. 1b is a view in section taken alongthe line A-A.

This card has a substantially rigid card body 105 and a flexible film110 on which is formed an antenna 120. A microcircuit 115 is integratedinto the card body 105. The circuit 115 can be a circuit comprising asecure communication microprocessor and a memory adapted to store aprogram and coding keys, for example. In one particular embodiment, thecircuit 115 includes contact communication means for exchanging datawith the mobile telephone unit to which it is connected and contactlesscommunication means for exchanging data with an external electronicdevice.

The film 110 advantageously comprises three parts, the first beingjoined to the body to establish contact between the circuit 115 and theantenna 120, the second advantageously comprising two tracks 125 used toconnect the antenna 120 to the card body 105, and the third supportingthe antenna 120 comprising a bridge 130.

As shown in FIG. 1b , the card body 105 comprises the circuit 115connected to connectors 135 flush with the surface of the body 105 ofthe card, establishing an electrical connection with appropriate mobileapparatus when it is inserted into that mobile apparatus. The circuit115 is also connected to the conductive tracks 125 of the film 110. Theantenna 120 is preferably protected by an insulative layer 140 adaptedto retain the antenna 120 in a predefined position by pressure. The film110 is preferably produced in plastic material such as nylon or PVC,i.e. a flexible and strong material.

FIG. 2a shows one example of use of a wireless near field communicationcard, similar to that shown in FIG. 1, in a mobile telephoneapplication. The body 200 of the mobile telephone unit comprises atriple cavity adapted to receive a microcircuit card, for example astandard SIM card, a wireless near field communication card and abattery. The triple cavity is protected by a cover 205. The portion ofthe cavity adapted to receive a microcircuit card 210 advantageouslycomprises connectors so that when the microcircuit card is in place thetelephone and the microcircuit card are electrically coupled. Themicrocircuit card can be retained by a standard locking system (notshown). Likewise, the portion of the cavity adapted to receive awireless near field communication card 105 preferably comprisesconnectors so that when the card 105 is in place the telephone and thecard are electrically coupled. The card 105 can also be retained by astandard locking system (not shown). Accordingly, when the body of thecard 105 is placed in the cavity, the telephone and the circuit 115 areelectrically coupled. The film 110 is preferably positioned along thebattery 215 so that the antenna 120 is between the battery 215 and thecover 205, as shown.

Placing the antenna 120 between the batch 215 and the cover 205 enablesthe circuit 115 to exchange data with an appropriate transceiver withoutcontact, limiting spurious effects linked to the body 200 of thetelephone and to the battery 215.

Alternatively, in a second embodiment, as shown in FIG. 2b , a wirelessnear field communication module 220 can be used instead of the card 100from FIG. 2a . The module 220 then comprises the same elements as thecard 100, integrated a component connected to the body of the telephone200. The module 220 can be connected mechanically or by soldering, andthus the module 220 is typically non-removable.

In the remainder of the description, the expression wireless near fieldcommunication module refers interchangeably to cards and componentshaving the features of the module 220 or the card 100, which aresimilar.

FIG. 3 shows an example of use of the invention in a mobile telephoneunit 300. As shown, the mobile telephone unit 300 comprises a mainmicroprocessor 305 used to execute the usual mobile telephoneapplications and, where appropriate, applications such as PIM (PersonalInformation Manager) applications or games.

The mobile telephone unit 300 also comprises an identification card suchas a SIM card 310. The identification card 310 is a standard SIM cardhere comprising a microprocessor 315, preferably a securemicroprocessor, and a memory 320. The memory 320 is advantageouslyadapted to store a table 325 containing for example a list of functionsor services as well as restrictions on the use of those functions orservices. The memory 320 is also adapted to store a cryptographic keyfor signing data so that analyzing the signed data provides forauthentication of the source of the data. The identification card 310 isconnected to the microprocessor 305 to enable exchange of data betweenthe microprocessors 305 and 315.

The mobile telephone unit 300 also comprises a wireless near fieldcommunication module 335. The module 335 comprises a communicationmicroprocessor 340. The microprocessor 340 is advantageously secure andpreferably conforms to the ISO 14443 standard. The module 335 alsocomprises a memory 345. The memory 345 is adapted to store programs 350and for example two cryptographic keys 355 and 360. Here a first key 355is adapted to authenticate the signature of data signed using the key330 contained in the memory 320 of the identification card 310. The card335 uses the second key 360 to sign data whose source can then beauthenticated. The module 335 also comprises an antenna 365 enabling themodule 335 to transmit and receive data to and from the exterior. Forpurposes of illustration, the antenna 365 is shown here outside themodule 335. The module 335 is connected to the microprocessor 305 toenable exchange of data between the microprocessors 305 and 340.

To transmit or receive data the antenna 365 connected to the module 335must be situated at a near distance from an electronic device 370comprising an antenna 375 adapted to receive and transmit data from andto the module 335 of the mobile telephone unit 300.

In one advantageous embodiment, communication between the wireless nearfield communication module 335 and the identification card 310 issecured by the module and the card themselves, for example encrypted,and uses methods known to the person skilled in the art to avoidanalysis and simulation of the commands exchanged. Such a methodconsists, for example, in using an encrypted and signed messagecontaining a message counting mechanism. It should be noted thatcommunication between the wireless near field communication module 335and the identification card 310 can be wireless communication.

By way of illustration, the electronic device 370 can be a deviceadapted to control access, such as access to transportation means suchas trains or aircraft, hotel rooms, swimming pools or theatres. Theelectronic device 370 can equally be adapted to authorize the use,temporary or otherwise, of certain applications such as games or toauthorize the downloading of contents such as multimedia contents.

FIG. 4 is a diagrammatic representation of one example of an algorithmimplementing the invention used in the device shown in FIG. 3 to accessservices according to the characteristics of the identification card. Anembodiment of this kind concerns in particular the possibility ofeffecting a purchase, for example to purchase a cinema ticket or a trainticket from an automatic machine, with the payment debited to thetelephone account.

For clarity, the steps in the left-hand portion of the algorithmrepresented in FIG. 4 are linked to the service provider while the stepson the right-hand side are linked to the mobile telephone unit.

When it has detected the presence of a mobile telephone unit (step 400),the electronic device 370 sends a signal to activate the wireless nearfield communication module 335 referred to MoyCom (step 405). Activationcan in particular consist in powering up the module 335. An activationsignal of this kind conforms to the 14443 standard, for example.Communication between the electronic device 370 and the module 335 ispreferably initialized when an activation signal has been sent.

The electronic device 370 then offers access to one or more servicesreferred to S. To this end, the electronic device 370 sends anauthentication request referred to RA1 containing a request identifierand advantageously containing an identification of the services offered(step 410) in order to obtain authorization to access the services S.

When the wireless near field communication module 335 of the mobiletelephone unit 300 receives the authentication request RA1, itdetermines its nature, for example to determine if the services offeredcan be put in use by the mobile telephone unit 300. If so, the module335 sends an information request referred to RA2 to the microprocessor305 referred to MainProc of the mobile telephone unit 300 (step 415).The object of the request RA2 is to obtain authorization for theidentification card 310 to use the services offered or to determinewhether access to those services is prohibited or not. For example, therequest RA2 can therefore contain an identifier of the services offeredto obtain in return an authorization or a refusal. Alternatively, therequest RA2 can contain a simple request for an identity from theidentification card in order for the module 335 to be in a position todetermine if access to the services offered is authorized, depending onthe identity obtained from the identification card. When themicroprocessor 305 receives the authentication request RA2 it forwardsit to the SIM identification card 310 (step 420). The microprocessor 305can also display a message on the screen of the telephone or emit anaudible or visual signal, for example indicating that the user mustenter a validation code.

When it has received the authentication request RA2, the identificationcard 310 verifies if access to the services associated with theauthentication request is authorized by comparing the identifier of theservices offered to the information previously stored in the table 325(step 425). It should be noted here that the identifier of the servicesoffered can be associated with a service, a set of linked services or aset of services to which access can be authorized or refusedindividually. It can therefore be a question of a single identifier oran identifier set. The table 325 can contain, for example, a list ofidentifiers of authorized services and a list of identifiers ofauthorized services. If access to the services is not authorized, therequest is rejected. In this case, the identification card return nomessage (as shown here) or returns a message with a rejectionindication.

If access to the services is authorized, the identification card returnsan acceptance message RS2 to the microprocessor 305 of the mobiletelephone unit 300 (step 430). The acceptance message is preferablysigned using the key stored at 330 to avoid that message being simulatedby the microprocessor 305, in which a fraudulent program might have beeninstalled. When the signed acceptance message RS1 is received, themicroprocessor 305 forwards it to the module 335 (step 435). If the userhas entered a validation code, that code can also be transmitted to themodule 335. Alternatively, when the request RA2 has been received, theidentification card 310 can return, in signed form, one or more of itscharacteristics in order for the module 335 to be in a position todetermine authorization to access or not the services offered. Thisalternative is shown in dashed outline.

When it has received the signed acceptance message RS2 (step 440), themodule 335 verifies the source of the signed acceptance message RS2using for example the key stored at 355 (step 445). It should be notedthat the keys stored at 330 and 355 are such that if a message is signedusing the key stored at 330, the key stored at 355 verifies that themessage was in fact signed by the key stored at 330. Such algorithms arefamiliar to the person skilled in the art, in particular the RSA (RivestShamir Adleman) algorithm. In this type of algorithm, the key stored at330 is a private key and the corresponding key stored at 335 is a publickey.

If the source of the signed acceptance message RS2 is not recognized,the request is rejected. In this case, the module 335 can either returnno message (as shown here) or return a message with a rejectionindication.

If the source of the signed acceptance message RS2 is recognized, therequest is accepted and the module 335 sends an authentication messageRS1 using the key stored at 360 to the electronic device 370 to beauthenticated (step 450). The key stored at 360 is preferably a privatekey.

Alternatively, if the message RS2 is authenticated and containsinformation on the identification card 310, the module 335 determinesfrom this information whether it can access the services offered. Again,if the module can access the services offered, the module 335 sends anauthentication message RS1 using the key stored at 360 to the electronicdevice 370 to be authenticated.

When the authentication message RS1 has been received, the electronicdevice 370 verifies the source of the authentication message using amechanism similar to that described above, for example using a publickey corresponding to the private key stored at 360. If theauthentication message RS1 is recognized, the electronic device 370provides the mobile telephone unit 300 with access to the services S(step 460). The mobile telephone unit 300 can then use the services S(step 465).

The private cryptographic key stored in the identification card can becommon to a plurality of identification cards. In particular, eachoperator can use one or more private cryptographic keys to authorize orrefuse access by its subscribers, in particular according to the type ofsubscription.

It should be noted that although a key-based authentication system isused in the embodiment of the invention described here, the invention isnot limited to that authentication mode.

In one particular embodiment, the microprocessor 305 of the mobiletelephone unit 300 can receive via the mobile telecommunication networkprograms or program updates to be stored in the memory 350 of thewireless near field communication module 335. In this embodiment, themodule 335 does not accept storage of programs or program updates in thememory 350 unless authorized by the identification card 310. Theauthorization mechanism is then similar to the algorithm describedabove, in particular with reference to the steps 415 to 445. In thisembodiment, authorization concerns the storage function and not accessto an offered service.

Again in a particular embodiment, the wireless near field communicationmodule 335, after it has been activated, requests authorization by theidentification card 310 before initiating any communication with theelectronic entity 370. Again, any such authorization mechanism issimilar to the algorithm described above, in particular with referenceto the steps 415 to 445.

The module 335 is advantageously at least partly secure, in particularaccording to the FIPS (Federal Information Processing Standards) orcommon criteria.

Naturally, to satisfy specific requirements, a person skilled in thefield of the invention can apply modifications to the foregoingdescription.

The invention claimed is:
 1. A method of controlling execution of atleast one function in a mobile apparatus adapted to receiveidentification means, the method comprising: transmitting within themobile apparatus, an information request from a wireless near fieldcommunication module separate from the identification means within themobile apparatus to a processor of said identification means within themobile apparatus, said information request aiming to obtain at least oneitem of information characteristic of said identification means;receiving by the wireless near field communication module within themobile apparatus, a response to said information request from saididentification means, said response containing at least one item ofinformation characteristic of said identification means; authenticating,within the mobile apparatus, said response by said wireless near fieldcommunication module; and if said response is authenticated, executingsaid at least one function in said wireless near field communicationmodule in response to said at least one item of informationcharacteristic of said identification means, said at least one functioncomprising initiating a communication with a wireless near fieldcommunication device external to the mobile apparatus.
 2. The methodaccording to claim 1, further comprising the following steps: receivingan authentication request by said wireless near field communicationmodule; and if said response is authenticated, before execution of saidat least one function, said wireless near field communication moduletransmitting an authorization to said authentication request in responseto said at least one item of information characteristic of saididentification means.
 3. The method according to claim 1, wherein thetransmission of information between said identification means and saidwireless near field communication module is at least partially effectedthrough a microprocessor of said mobile apparatus, the method furthercomprising the following steps: transmitting said information request tosaid microprocessor, said microprocessor being adapted to transmit saidinformation request to said identification means; and/or receiving saidresponse from said microprocessor, said microprocessor having receivedsaid response from said identification means.
 4. The method according toclaim 2, wherein said response and/or said authorization is coded orsecured so that it can be authenticated.
 5. The method according toclaim 4, wherein said coding or securing of said response and/or saidauthorization is based on authentication information stored locally insaid identification means or in said wireless near field communicationmodule, coding or securing said response and/or said authorization. 6.The method according to claim 5, wherein authentication information is aprivate cryptographic key.
 7. The method according to claim 5, whereinsaid coding or securing of said response and/or said authorization iseffected locally in said identification means or in said wireless nearfield communication module, coding or securing said response and/or saidauthorization on the basis of authentication information stored locallyin said identification means or in said wireless near fieldcommunication module coding or securing said response and/or saidauthorization.
 8. The method according to claim 1, wherein the object ofsaid at least one function is to update data stored in said wirelessnear field communication module, to authorized wireless communication toor from an external device by said wireless near field communicationmodule, or to access at least one service offered by an external device.9. The method according to claim 1, wherein at least some communicationbetween said identification means and said wireless near fieldcommunication module is secure.
 10. The method according to claim 1,wherein said information request includes an indication relating to saidat least one function.
 11. A non-transitory computer-readable storagemedium on which is stored computer-executable code of a computer programthat comprises instructions that, when executed by a mobile apparatushaving a wireless near field communication module and identificationmeans with a separate processor, causes the mobile apparatus to executethe steps of: transmitting within the mobile apparatus, an informationrequest by said wireless near field communication module separate fromthe identification means in the mobile apparatus to the processor ofsaid identification means in the mobile apparatus, said informationrequest aiming to obtain at least one item of information characteristicof said identification means; receiving, by the wireless near fieldcommunication module within the mobile apparatus, a response to saidinformation request from said identification means, said responsecontaining at least one item of information characteristic of saididentification means; authenticating, within the mobile apparatus, saidresponse by said wireless near field communication module; and if saidresponse is authenticated, executing said at least one function in thewireless near field communication module in response to said at leastone item of information characteristic of said identification means,said at least one function comprising initiating a communication with awireless near field communication device external to the mobileapparatus.
 12. A control device for executing at least one function inwireless near field communication means of a mobile apparatus adapted toreceive identification means, the control device comprising in themobile apparatus: means for transmitting within the mobile apparatus atleast one information request from the wireless near field communicationmeans separate from the identification means in the mobile apparatus toa processor of said identification means in the mobile apparatus, saidinformation request aiming to obtain at least one item of informationcharacteristic of said identification means; means for receiving, bysaid wireless near field communication means within the mobile apparatusa response to said information request from said identification means,said response including at least one item of information characteristicof said identification means; means for authenticating, within themobile apparatus, said response by said wireless near fieldcommunication means; and means for executing said at least one functionin the wireless near field communication means in response to said atleast one item of information characteristic of said identificationmeans, said at least one function comprising initiating a communicationwith a wireless near field communication device external to the mobileapparatus.
 13. The control device according to claim 12, wherein saidmobile apparatus comprises a microprocessor separate from saidauthentication means and said execution means.
 14. The control deviceaccording to claim 12, further comprising the following means: means forreceiving at least one authentication request; and means fortransmitting an authorization to said authentication request in responseto said at least one item of information characteristic of saididentification means before the execution of said at least one function.15. The control device according to claim 14, further comprising codingor securing means adapted to code or secure said authorization so thatsaid authorization can be authenticated.
 16. The control deviceaccording to claim 15, further comprising storage means for storingauthentication information used by said coding or securing means to codeor secure said authorization.
 17. The control device according to claim16, wherein said storage means are nonvolatile.
 18. The control deviceaccording to claim 16, wherein said storage means are adapted also tostore data for authenticating said response.
 19. The control deviceaccording to claim 12, wherein the identification means are anidentification card of a mobile telephone network subscriber.
 20. Thecontrol device according to claim 12 wherein said wireless near fieldcommunication means conform to the ISO 14443 standard.
 21. The controldevice according to claim 12, wherein said wireless near fieldcommunication means are integrated into said mobile apparatusnon-removably.